Senior information security professional safeguarding financial infrastructure — spanning penetration testing, threat intelligence, and ISO 27001 governance.
Senior Executive Officer, Information Security & Governance Division — Private Commercial Bank, Dhaka.
I lead vulnerability assessment, penetration testing, and security governance inside a commercial bank, where a missed finding is measured in real customer trust. My work spans the full assessment lifecycle — scoping, exploitation, remediation tracking, and audit-ready reporting — across mobile, API, infrastructure, and cloud.
Across 15+ years in IT and security, I've moved from network engineering into offensive security and ISMS governance, mapping findings against the standards that regulators actually check: Bangladesh Bank ICT Security Guideline, ISO/IEC 27001, PCI DSS, SWIFT CSP, and OWASP.
I hold the EC-Council offensive track end to end — CEH, ECSA, and LPT Master — alongside threat intelligence and ISO 27001 Lead Auditor credentials, and I've represented my institution to a national #1 placement among financial institutions in the Bangladesh Cyber Drill.
Every credential below is independently verifiable through its issuing body and credential ID.
Every certificate below is genuine and verifiable. Filter by category, or open any card to view the full certificate.
Lead VAPT, penetration testing, and threat analysis across the bank's digital platforms. Develop threat & vulnerability management policies, drive ISO 27001 and PCI DSS programs as project manager, and run institution-wide security awareness. Primary point of contact for investigating and resolving security incidents.
Built and secured intranet/internet networks for a UN peace-support training institute. Managed Active Directory, Linux web/e-learning servers, MikroTik core routing with load balancing, and the CPTM online examination platform for the Bangladesh Army, Navy, and Air Force.
Maintained domain controllers, mail and SMS servers, and inter-site data links between head office and manufacturing plants. Managed Kaspersky AV, proxy, VPN, and MikroTik bandwidth control, with full server backup and uptime monitoring.
Monitored base-station systems and resolved faults across client networks. Configured and troubleshot switches, routers, and radio links, and delivered networking projects for enterprise clients.
Rank 10 nationally across Bangladesh and 1st among all financial institutions in the national cybersecurity contest.
Led team MBL_XForce to first place among financial institutions, organized by BGD e-GOV CIRT (N-CERT).
First place among financial institutions for the second consecutive year with team MBL_XForce.
Recognized by the Managing Director & CEO of Mercantile Bank for outstanding results in Financial and National Cyber Drill programs.
Silver Medal for academic distinction in the M.Sc. in Computer Science program.
Assessed suitable for skilled migration under ANZSCO 263111 (Computer Network & Systems Engineer) by the Australian Computer Society.
Available for penetration testing, security assessment, and information security advisory engagements — locally in Dhaka and internationally.